5 Government Cybersecurity Challenges in 2010

Promises, Promises, the title of the Burt Bacharach and Hal David hit song of 1968, comes to mind when mulling government cybersecurity as the first decade of the 21st century draws to a close.

In 2009, President Obama promised to (and late in the year eventually did) name a White House cybersecurity coordinator, Homeland Security Secretary Janet Napolitano promised to begin hiring 1,000 new IT security pros, Sen. Tom Carper promised a new law to reform the Federal Information Security Management Act, Federal Chief Information Officer Vivek Kundra promised to get the federal government actively involved in secure cloud computing and NIST Director Patrick Gallagher promised to evaluate whether to restructure the agency.

Will 2010 be the year these promises become reality?

As Congress returns to Washington for the second session of the 111th Congress, GovInfoSecurity.com this week will present the top five cybersecurity challenges - one each weekday - the federal government will face in 2010:

Taking seven months to name a White House cybersecurity coordinator was the easy part. Now the tough work begins as Howard Schmidt takes the lead in implementing President Obama's cybersecurity initiatives. It could prove to be among the toughest and thankless jobs in government.

When Obama tapped Schmidt a few days before Christmas, the president directed his cybersecurity coordinator to develop a new, comprehensive cybersecurity strategy.

"God knows, we need one," said James Lewis, senior fellow at the public policy group Center for Strategic and International Studies and project leader of its Commission on Cybersecurity for the 44th Presidency, which issued a report that served as a blueprint for the White House's cyberspace review. "The old one was dreadful and it hasn't gotten any better, but the issue that we are going to face as a nation is that we have got a new global infrastructure that we are dependent on and we haven't figured out a good way to have the government deal with it and normally what we would do is create some kind of new office, department, agency to look at this."

Among other priorities Obama asked Schmidt to tackle:

Secure American critical information networks;

Ensure an organized, unified response to future cyber incidents;

Strengthen public-private partnerships here at home and international partnerships with allies and partners;

Promote research and development of next generation of technologies; and

Lead a national campaign to promote cybersecurity awareness and education.

Schmidt recognizes his role as a coordinator, and said fulfilling the president's goals must be a team effort. "Because ultimately no one - not government, not the private sector, not individual citizens - can keep us safe and strong alone when it comes to cybersecurity, our vulnerability is shared," Schmidt said in accepting the job. "And so is our responsibility to ensure that our networks are secure, trustworthy and resilient. So, as I told the president, I'm committed to bring all these stakeholders together around a new, comprehensive cyber strategy that keeps America secure and prosperous."

The biggest hullabaloo surrounding the White House cybersecurity adviser in 2009 - besides who would be named to the job - was its position within the White House. Schmidt reports through the National Security Council and Deputy National Security Adviser John Brennan, the NSC's No. 2 leader.

But the CSIS Commission recommended -- and some lawmakers propose -- giving the job more muscle through the creation of a White House Office of Cyberspace. Sen. Jay Rockefeller said the bill he's cosponsoring with Sen. Olympia Snowe would have the cybersecurity adviser report directly to the president.

Others lawmakers say they'd like to assess the situation after the cybersecurity coordinator has been in his job for a period of time. "It's sort of putting the cart before the horse, basically trying to legislate in a vacuum, and I don't know that that's the most productive way of determining what's in our best interest at this stage," said Rep. Yvette Clarke who chairs a House subcommittee with infosec oversight.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.